So, you have committed a sin of checking in data/passwords/secrets and tokens. How do you remove them from the git log. There are several tools available you can use, and I'm going to show a quick example of using BFG.

Note: Do not fork the repo in the GitHub interface if you are redacting a repo to share your code with others.

In this example, I will assume we will push the changes to a new repository.

  1. Create text file with each line containing a string/secrect you want to redact from your repo
  2. Create the new reposisotry in github to store the redacted copy

Next run the following

  git clone --mirror git@github.com:example/example.git
  cd example.git
  bfg --no-blob-protection --replace-text ../redecations.txt
  bfg --delete-folders bad_folder_with_secrets
  git remote add redacted_repo git@github.com:example/example-redacted.git
  git push redacted_repo --mirror